Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2010-2351

CWE-119Buffer Overflow4 documents4 sources
Severity
10.0CRITICAL
EPSS
25.0%
top 3.83%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Novell Netware
Timeline
PublishedJun 21
Latest updateMay 14

Description

Stack-based buffer overflow in the CIFS.NLM driver in Netware SMB 1.0 for Novell Netware 6.5 SP8 and earlier allows remote attackers to execute arbitrary code via a Sessions Setup AndX packet with a long AccountName.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

NVDnovell/netware6.5+4

Patches

Patch: download.novell.comPatch: download.novell.com

🔴Vulnerability Details

2
GHSA
GHSA-fjqv-mmcc-cwv6: Stack-based buffer overflow in the CIFS2022-05-14
CVEList
CVE-2010-2351: Stack-based buffer overflow in the CIFS2010-06-21

💥Exploits & PoCs

1
Exploit-DB
Netware - SMB Remote Stack Overflow (PoC)2010-06-17
CVE-2010-2351 (CRITICAL CVSS 10) | Stack-based buffer overflow in the | cvebase.io